Data Backups You Can Bank On: Business Continuity in Finance Industry (2024)

A major operational disruption can devastate any business, leading to costly downtime and sometimes insurmountable recovery costs, but the consequences in the realm of finance can be even more extreme. When there’s a break in business continuity in finance, it doesn’t just disrupt a single business. It can throw entire markets into chaos.

Data is central to the operation of every financial organization. It encompasses every account, every balance, every customer record, and every transaction. Losing this data is no different than losing the actual money in a financial account. If there’s no record of it, it doesn’t exist. In a matter of moments, a skilled hacker could wipe out the financial information of all of a bank’s customers.

Phishing scams, ransomware, and fraud all put financial data at risk, exposing companies to painful economic, reputational, and legal outcomes. Although financial services institutions have become more aware of the threat of cyber attacks and their ability to wreak havoc on operations, some organizations remain vulnerable because they lack solid business continuity plans. In this post, we examine what business continuity in finance actually looks like, including how data is protected, which safeguards are needed to minimize disruptions, and why these measures are so essential.

What Are the Threats to Business Continuity in Finance?

Business continuity can be disrupted by many factors, including natural disasters, disease outbreaks, and violence or terrorism. However, for many leaders in the financial world, the most terrifying prospect isn’t physical but virtual. Cyberattacks and data breaches are a source of constant concern for financial institutions of every size.

Widespread Ransomware in Finance

Cybercriminals understand how valuable a financial institution’s data is, and this makes banks a prime target for ransomware. The more essential and sensitive the data, the greater likelihood that a company will pay a ransom to restore it.

As a result, financial services ransomware has become increasingly common and expensive. Consider these alarming statistics highlighted in a 2022 report by Sophos:

  • In 2021, 55% of financial services organizations experienced a ransomware attack, a 62% increase over the previous year.
  • More than 50% of financial services institutions that are hit by ransomware pay the ransom to recover their data.
  • On average, it costs organizations in the financial services sector $1.59 million to remediate ransomware attacks.
  • During a ransomware attack, 91% of financial services organizations experience an impact on their ability to operate, and 85% lose business and revenue.

It’s important to note that the threats to the finance sector are not limited to ransomware. According to a 2022 report from Verizon, the finance industry is the most frequently targeted sector for basic web application attacks. Employees and customers of financial organizations also frequently receive phishing scams in the form of malicious links and infected file downloads.

Banks Around the Globe Attempt to Fend Off Cyberattacks

In recent years, banks in every corner of the world have struggled against an onslaught of cyberattacks. To get a clearer picture of how widespread this issue has become, it’s helpful to examine some specific examples of banks that were hit by cyberattacks and lived to tell about it:

  • Flagstar Bank: In June 2022, Flagstar Bank revealed that a December 2021 hack had resulted in a leak of personal information of 1.5 million customers. This was the second major data breach at Flagstar in a 12-month period.
  • Tri Counties Bank: Customers initially became aware of a problem at Tri Counties Bank when representatives announced in February 2023 that its ATMs, company email and phone lines, and customer service call center were offline. A subsequent investigation suggests that private customer data, including driver’s licenses and passports, may have been leaked during the cyberattack that temporarily shut down operations.
  • Globalcaja: A prominent bank in Spain, Globalcaja reported that it had experienced a ransomware attack in early June 2023. Bank representatives stated that they immediately implemented security protocols to isolate the infection and didn’t believe that any customer information had been compromised.
  • Commonwealth Bank of Australia: In March 2023, Commonwealth Bank of Australia reported that its Indonesian branch, PT Bank Commonwealth, had experienced a cyberattack. Bank officials said that customer and employee information may have been accessed.

The degree of impact and disruption for these financial institutions differed widely based on what protections were in place and how quickly the company was able to respond. While Globalcaja has so far come away relatively unscathed, Flagstar Bank is facing at least three class action lawsuits by customers who feel that the bank was negligent in protecting their private data.

No matter the outcome of the recent attacks, all of these financial institutions said that they planned to implement more comprehensive safeguards to prevent future attacks. Other financial institutions that have not yet faced a high-profile incident are also taking steps to guard against hackers. For example, the European Central Bank announced in March 2023 that it planned to test the resilience of the top banks in the region in response to a severe uptick in cyberattacks.

The Importance of Business Continuity in Finance

Although some banks and financial services companies get lucky and suffer minimal damage during a cyberattack, the risk of significant consequences is a constant concern. The attack on Tri Counties Bank is a perfect example of how many things can go wrong in a short period of time. Customers not only had their data exposed but also couldn’t use the bank’s ATMs or make withdrawals at local branches for several days.

This type of disruption isn’t just an inconvenience. It can cause financial hardship for customers who need access to their funds, which, in turn, translates to a loss of trust in and loyalty to the company.

Imagine that this comparatively small bank, which has 75 branches in California, was national or global. A single attack could potentially affect millions of account holders around the world. The consequences would be not only far-reaching but also wide-ranging, which is why business continuity in financial services is so critical.

Let’s break down exactly what’s at stake when a financial organization experiences a business continuity breakdown.

A Bank’s Survival

Businesses that can’t quickly recover from a disaster, whether a cyberattack or natural event such as a fire, are at a significantly greater risk of going out of business—permanently. That applies to companies in every industry, including banks. While larger financial institutions have more resources to deal with disruptions, smaller community banks can be put on shaky financial footing after a major attack.

Highly Sensitive Data

Banks arguably have some of the most sensitive data anywhere. It includes not only customers’ personally identifiable information, like names, addresses, and social security numbers, but also their financial records. Even when this data remains protected by encryption during attacks like ransomware, any kind of perceived breach in privacy or security can be devastating for a business. Customers are rightfully protective over their financial data, and if they no longer trust that a financial organization can keep it safe, they may choose to take their business elsewhere.

Customer Confidence

When account holders can’t access their accounts, they get concerned. That’s true even when an outage is planned, as when a bank’s online accounts undergo maintenance. Imagine the reaction when banks lose all account data for days, leaving customers unable to check their balances, ensure bill payments are going through, or confirm that they’ve received their paychecks. These situations drain customer confidence, and many eventually move their money to a company that they feel will offer greater consistency and stability.

Market Confidence

The loss of customer confidence can also occur on a much larger scale. If a widespread ransomware attack like Conti were to take down the world’s biggest financial institutions, it would be disastrous. The disruption could boil over into financial and investment markets. Account holders might attempt to cash out their accounts en masse, affecting the entire industry. For this reason alone, the financial services industry needs to take as many precautions as possible to prevent data loss and maintain continuity.

Preparing for the Worst: Sheltered Harbor

For years, the finance sector has made strides toward reducing the risk of data loss and theft. One of the most aggressive initiatives is Sheltered Harbor, which was formed as a subsidiary of the Financial Services Information Sharing and Analysis Center (FS-ISAC). It aims to ensure continuity across the industry after a major cyberattack.

Sheltered Harbor welcomes participation from financial organizations of every type and size, such as:

  • Banks
  • Credit unions
  • Brokerages
  • Asset managers
  • Industry associations
  • Service providers

Under the initiative, participating financial institutions deploy impenetrable data backup systems that could be accessed by other banks in emergency situations.

For example, if a major international bank was hobbled by a ransomware attack, other banks could process transactions and other services on behalf of the affected bank. In that sense, Sheltered Harbor not only supports the individual bank but also the larger banking system. It ensures business continuity through the worst financial-industry cyberattack imaginable and gives accountholders peace of mind that they can still access their money through other financial institutions.

To implement Sheltered Harbor, financial companies go through a set process that includes:

  • Signing up
  • Assembling a team and establishing tracking and reporting processes
  • Implementing data vaulting and resiliency plans
  • Auditing and testing of deployed systems
  • Receiving Sheltered Harbor certification

The cost and level of difficulty of joining and becoming certified by Sheltered Harbor depend on the size, complexity, and infrastructure of the financial organization.

Federal Regulation for Business Continuity in the Financial Industry

In the United States, financial institutions must also comply with extensive laws dictating how financial data should be stored and protected.

The Federal Financial Institutions Examination Council (FFIEC) and Federal Deposit Insurance Corporation (FDIC) are two governmental agencies that provide their own guidance for disaster recovery. Banks that fail to comply with these and other business continuity and data protection regulations can face steep fines and other penalties.

The financial services industry also has its own agencies for issuing guidance on disaster recovery protocols. The Financial Industry Regulatory Authority (FINRA) is a non-governmental entity that designates requirements for brokerages and securities firms, including guidance for:

  • Creating business continuity plans
  • Deploying data backup and recovery systems
  • Conducting operational assessments
  • Ensuring organizational redundancy, including backup communications systems and secondary locations

FINRA operates under the supervision of the U.S. Securities and Exchange Commission (SEC) and was designed to help protect investors and maintain fair financial markets.

Data Backup and Technology Solutions

With so much at stake, how can banks protect their data from threats like ransomware and minimize the risk of major disruptions, lawsuits, and penalties? Let’s take a look at the core functionality that today’s financial organizations require for their business continuity and disaster recovery (BCDR) systems.

Near-constant Backups

If a bank needs to restore a backup, it can’t afford to lose any unprotected data. A high backup frequency is needed to ensure that data is being replicated around the clock – ideally every few minutes, not just once or twice a day. The best data backup solutions automatically complete regular backups and verify that they will boot with all data intact.

Geo-redundant Storage

Storing backups in one or two locations is not enough for most banks. Data needs to be stored in multiple locations for greater protection and the fastest possible access to data. A geo-redundant hybrid cloud backup approach, for example, stores backups on-site and in the cloud via at least two redundant data centers located in geographically diverse areas.

Near-instant Data Recovery & Restoration

When a cyberattack occurs, it’s vital that organizations recover as quickly as possible. Advanced backup solutions enable businesses to rapidly rewind to a recovery point from before the infection occurred. According to Sophos, 62% of financial services organizations recover from ransomware attacks within a week. While that’s certainly better than a period of months, even a few days can significantly increase the financial and reputational losses that an organization experiences. Recovering backups shouldn’t take hours or days. It should take seconds.

Backup Virtualization

Virtualized backups provide the instant recovery that today’s banks require. They allow a bank to boot a backup as a virtual machine for instant access to critical applications and data. High-quality BCDR systems enable this instant virtualization while also continuing to back up all new and modified data as the virtual machine runs.

Real-time Anti-malware Protection

Financial institutions require the best anti-malware solutions available. The software should actively monitor and scan every machine, and it should be updated constantly to ensure that new definitions are added as soon as they become available. Good anti-malware is an essential first line of defense against known cyber threats.

Ransomware Detection

Not all anti-malware solutions will detect the newest ransomware strains. Ransomware gangs are always looking for new ways to evade existing detection software, which is why it’s important to have additional protection. Some BCDR systems have built-in ransomware protection that uses algorithms to detect early signs of an infection, such as data being modified in bulk. This early detection allows administrators to take action even faster so that backups can be restored with minimal disruption.
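The bulk-modification signal described above, combined with choosing the recovery point from before the infection, can be sketched as follows. This is an added example, not code from any BCDR product: the snapshot layout, the function names, and the 0.3 and 7.0 thresholds are assumptions, and the sample snapshots are constructed.

```python
import hashlib
import math
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted data sits close to 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def bulk_change_score(prev: dict, cur: dict, high_entropy: float = 7.0) -> dict:
    """Compare two snapshots (path -> bytes); fractions are of the older snapshot."""
    common = [p for p in prev if p in cur]
    modified = [p for p in common if prev[p] != cur[p]]
    # Only count files that *became* high-entropy, so archives and other
    # already-compressed files do not trigger the check on every backup.
    scrambled = [p for p in modified
                 if entropy(cur[p]) >= high_entropy > entropy(prev[p])]
    total = max(len(prev), 1)
    return {"modified": len(modified) / total,
            "scrambled": len(scrambled) / total,
            "deleted": (len(prev) - len(common)) / total}  # renamed files land here

def last_clean_recovery_point(snapshots, max_scrambled=0.3, max_deleted=0.3):
    """Return (index of last clean snapshot, index of first suspicious one or None)."""
    for i in range(1, len(snapshots)):
        s = bulk_change_score(snapshots[i - 1]["files"], snapshots[i]["files"])
        if s["scrambled"] > max_scrambled or s["deleted"] > max_deleted:
            return i - 1, i
    return len(snapshots) - 1, None

def build_sample():
    """Constructed data: three 5-minute snapshots of ten small ledger files."""
    base = {f"ledger/acct_{i:03}.csv":
            (f"date,amount,balance\n2024-01-0{i % 9 + 1},100.00,{i}000.00\n" * 40).encode()
            for i in range(10)}
    edited = dict(base)  # normal activity: one file gains a row
    edited["ledger/acct_003.csv"] += b"2024-01-10,25.00,3025.00\n"
    # Stand-in for encrypted content: 2 KiB of SHA-256 output per file.
    noise = lambda p: b"".join(hashlib.sha256(f"{p}{i}".encode()).digest() for i in range(64))
    hit = {p: (noise(p) if i < 8 else d) for i, (p, d) in enumerate(edited.items())}
    return [{"taken": "09:00", "files": base}, {"taken": "09:05", "files": edited},
            {"taken": "09:10", "files": hit}]

if __name__ == "__main__":
    clean, suspect = last_clean_recovery_point(build_sample())
    print(f"restore from snapshot {clean}; bulk modification first seen in {suspect}")
```

With frequent snapshots the gap between the last clean recovery point and the first suspicious one stays small, which is what bounds the data lost on restore.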

Infrastructure Backup

It’s critical that a bank’s backup system can restore not only data but also the larger infrastructure, including operating systems, configurations, and applications. This is what ensures continuity. If a financial institution has zero access to its critical applications after a disaster, it’s more likely to face a dire outcome.

Finding Business Continuity Support for Financial Services Organizations

Financial institutions have a responsibility to protect their data and prevent cyberattacks for the sake of government regulators, employees, and, most importantly, customers. By deploying a reliable backup system, developing a detailed business continuity plan, and making use of modern software services, such as ransomware and malware detection, banks and other financial services companies can reduce the likelihood of cyberattacks and increase their chances of recovering quickly should an incident occur.

In some cases, finance leaders fail to take the necessary steps to protect their companies not because they aren’t invested in guarding against cyber threats, but because they aren’t sure where to begin. Taking a closer look at today’s best disaster recovery solutions for financial organizations and other businesses is a good way to get started. Contact the business continuity specialists at Invenio IT to learn what your company can do to prevent and recover from ransomware and other cyber attacks. When you’re ready to put your BCDR knowledge into practice, request a free demo to discover the right data backup technology for your company.

Article information

Author: Gov. Deandrea McKenzie
